A global ransomware attack derived from a leaked NSA tool successfully breached into 100,000 computer systems and servers across 99 countries. During the first day of the attack, the focus was set on Bitcoin instead, which had minimal involvement in the ransomware attack, rather than the use of an NSA tool developed using taxpayers’ capital.
What actually happened
On May 12, the WannaCry ransomware began to spread across the world, attacking 75,000 computers in a matter of hours. According to MalwareTech, WannaCry targeted and encrypted 100,000 computers in a period of 24 hours, quickly becoming the largest ransomware attack in history.
The WannaCry ransomware, which is also known as WanaCrypt0r 2.0, infected some of the world’s largest corporations and organizations including the National Health Service (NHS) hospitals in the UK, FedEx and Telefonica. The malware targeted a wide range of industries including the education industry.
As a result, companies weren’t able to carry out operations and hospitals across the UK struggled to serve patients as their databases and servers became encrypted.
On May 13, Russia Today (RT) further revealed that computers at Russia’s Interior Ministry and the country’s largest telecommunications company Megafon also fell victim to the WannaCry ransomware. In an interview with RT, Megafon spokesperson Pyotr Lidov stated:
"The very virus that is spreading worldwide and demanding $300 to be dealt with has been found on a large number of our computers in the second half of the day today.”
Why Bitcoin got blamed, again
Bitcoin was the helm of global media attention because the WannaCry ransomware demanded victims to pay ransom in Bitcoin in order to receive decryption keys to regain access to their encrypted files. Some major media outlets including the New York Times blamed Bitcoin for the WannaCry ransomware attack, emphasizing the “anonymity” of Bitcoin.
Obviously and evidently, Bitcoin is not anonymous in nature. In fact, in its coverage, the New York Times contradicted itself by stating that Bitcoin is anonymous but a startup called Elliptic was able to trace payments back to the accounts of the WannaCry ransomware distributors. Hence, if Elliptic was able to trace transactions or ransom payments to the accounts of the cyber criminals, Bitcoin is not anonymous and is transparent.
Moreover, as Bitcoin and security expert Andreas Antonopoulos noted, Bitcoin had minimal involvement in the ransomware attack solely because Bitcoin was the currency of choice for the ransom payments. If it wasn’t for Bitcoin, the criminals would have used other methods that are much harder to track and trace.
Antonopoulos wrote:
“Ransomware attacks used the leaked NSA tools to compromise computers. News media blaming Bitcoin? Blaming Bitcoin for ransomware is exactly like blaming the duffel bag full of cash for a kidnapping.”
Keep calm and buy Bitcoin
However, after the initial day of the attack, many media outlets specifically in the UK started to offer factual and fair reports. On May 13, the day after the WannaCry ransomware struck, “How to Buy Bitcoin” features dominated the front page of major UK newspapers.
None of the UK media outlets are blaming #bitcoin. But, I've never seen this many "How to Buy Bitcoin" features on local newspapers before. pic.twitter.com/shhI91w3Y8
— Joseph Young (@iamjosephyoung) May 13, 2017
According to analysis, the WannaCry ransomware attack spreads exponentially due to its SMB exploit and remote hijacking on vulnerable computers. Every online IP address exploited by the WannaCry ransomware can get encrypted.
It is likely that more victims will emerge in the next few days as the ransomware attack spreads ever further across the globe.